3cd2a93530c7e8b7e2993f701914a59f3fd37ff764faf988f71f5bd55512f33a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb641a8bfd9d7dfc254498f4fbb0ffa6_JaffaCakes118
Size

1000KB
Sample

240419-2982faba4w
MD5

fb641a8bfd9d7dfc254498f4fbb0ffa6
SHA1

1a29e14b462677d0138453f94ffc23a462fcbe6a
SHA256

3cd2a93530c7e8b7e2993f701914a59f3fd37ff764faf988f71f5bd55512f33a
SHA512

1718e7e6626d679fc4ccc812ce41597c6f3b1292937deace6cc49532825afa82e434e7402fa8d4e694ed6b7822070f3a22a06093adb9fe16686545797106f874
SSDEEP

24576:Jrw/7hzzpxcU2K2Utkxn041B+5vMiqt0gj2ed:JcFzz3g+2nVqOL

Score

7^/10

Malware Config

Targets

- Target
  
  fb641a8bfd9d7dfc254498f4fbb0ffa6_JaffaCakes118
- Size
  
  1000KB
- MD5
  
  fb641a8bfd9d7dfc254498f4fbb0ffa6
- SHA1
  
  1a29e14b462677d0138453f94ffc23a462fcbe6a
- SHA256
  
  3cd2a93530c7e8b7e2993f701914a59f3fd37ff764faf988f71f5bd55512f33a
- SHA512
  
  1718e7e6626d679fc4ccc812ce41597c6f3b1292937deace6cc49532825afa82e434e7402fa8d4e694ed6b7822070f3a22a06093adb9fe16686545797106f874
- SSDEEP
  
  24576:Jrw/7hzzpxcU2K2Utkxn041B+5vMiqt0gj2ed:JcFzz3g+2nVqOL
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2